Cloud operations (CloudOps) are on the rise, with the cloud expected to host over 100 zettabytes of data by 2025. The increase in cloud computing means threat surfaces are also growing, and bad actors have more opportunities to breach organizations than ever before. While cybersecurity experts can’t react to threats as quickly as they’re multiplying, artificial intelligence (AI) has made it possible to automate a large part of the security process.
The Risks of Cloud and Third-Party Apps
While cloud and third-party applications make it easier for businesses to operate, they introduce their own set of security risks. Organizations have less control over third-party apps than they would if they built them in-house. And because of this, more people and applications have access—not just employees.
Third-party applications open a backdoor into the business network that organizations don’t always secure on their own. In the SolarWinds breach, for example, attackers were able to gain access to the Orion monitoring platform, which gave them valuable cybersecurity information on thousands of organizations and access to their networks. Unfortunately, SolarWinds didn’t discover the breach for nine months, meaning the attackers gained nine months of knowledge and access. While AI may not have prevented the initial breach, it likely could have identified the intrusion much faster.
In addition to third-party risks, more applications in the cloud means more places for attackers to hide or breach to gain access to the network. Because the threat surface is distributed across the cloud, there are also more potential attackers posing as customers, partners and even employees.
Why is AI an Effective Security Measure?
With the larger attack surface, businesses should include AI as a baseline technology in their security measures. Human error causes approximately 88 percent of all security breaches. AI solves that by automating repetitive tasks and monitoring more traffic at one time than humans can. It also never gets tired or makes an error, ensuring that remediation tactics are consistent every time.
Another significant benefit of using AI for cybersecurity is behavioral analysis. Most cybersecurity AI monitoring tools can track normal behaviors of customers, employees, or partners, enabling AI to quickly identify anything out of the norm as different users use their cloud applications.
For example, if an employee in Chicago is only ever logged in from 9 AM to 5 PM during the week, and typically uses an application by visiting pages A, B, and C in that order, but suddenly the credentials are used to access sensitive information at 2 AM on a Saturday from Tokyo making initial requests to page C, AI can block the request and flag it for IT to investigate or challenge.
AI can also train itself through intent-based algorithms that watch and learn normal patterns of behavior and uses that to flag questionable or bad behavior. However, with this model, the security is only as good as the data scientists who created the algorithms, since the AI will do exactly what it was programmed to do as it learns – not more or less. If organizations work with knowledgeable and experienced data scientists who understand algorithm biases and how unintended consequences can cause problems, AI is one of the best security measures they can have in place.
CloudSecOps is a Battle of Algorithms
The unfortunate reality is that bad actors already employ AI to power their attacks in the form of bots. If that’s the case, businesses can’t afford not to include AI in their cybersecurity processes to keep up. Cloud security operations (CloudSecOps) is a battle between good AI and bad AI. Good AI needs automation and strong policy enforcement to be effective, which means businesses need to work with expert data scientists to build strong policies into the algorithms.
Additionally, human cybersecurity experts can’t shut down bad bots as fast as attackers create them, meaning businesses need AI incorporated into their CloudSecOps to stand a fighting chance. AI also has the ability to infinitely scale while protecting applications by differentiating between good bots, like those used by search engines to index a website, and bad bots that cause harm.
To protect against today’s threats, the best security strategies use a proactive approach. Human security analysts can only be reactive, responding to security threats after they occur. Yet, AI allows for a proactive approach by providing real-time monitoring of the attack surface and prompting action to advance security measures. Cybersecurity experts can best use their skills to build logic to remediate threats by working with data scientists to improve AI algorithms.
Security Has to Be a Priority with CloudOps
Cybersecurity can’t be an afterthought when it comes to CloudOps. It has to be built in from the beginning, using AI to automate and enforce security policies. It’s important to remember that current capabilities are always changing. Even if an organization addressed security during its first cloud migration, it may not be keeping up with emerging threats or taking advantage of current AI technologies.
Businesses that already have CloudOps or are considering a cloud migration need to revisit current AI capabilities to see how they can help improve their security landscape and put them on a more proactive footing. And if they don’t already have experienced data scientists on staff, they should consider hiring or partnering with companies that can provide their services to determine how to best build their next CloudSecOps organization.
Ready to improve your CloudSecOps? Check out our guide to Cloud Security Best Practices.
Mike O’Malley is the SVP of strategy at SenecaGlobal, a leading software development as-a-service company specializing in digital transformation. He has been in product development for 20+ years leading development, product management, marketing, and M&A in the tech space.
Throughout his career, Mike has combined deep engineering knowledge with business acumen to help companies figure out what creates success in the market for a product or solution. Then he builds and coaches teams to make it happen again and again. Mike holds a Bachelor of Science and a Master of Science degree in electrical engineering and a Master of Business Administration from the University of Illinois.